urlscan.io logo urlscan.io
SecurityTrails logo

xtramiles.afrasiabank.com Open in urlscan Pro
216.119.218.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xtramiles.afrasiabank.com/
Effective URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Submission: On November 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 216.119.218.211, located in St Louis, United States and belongs to MASTER-7-AS, US. The main domain is xtramiles.afrasiabank.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 5th 2021. Valid for: a year.
This is the only time xtramiles.afrasiabank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 216.119.218.211 26380 (MASTER-7-AS)
19 1
Apex Domain
Subdomains		 Transfer
20 afrasiabank.com
xtramiles.afrasiabank.com
966 KB
19 1
Domain Requested by
20 xtramiles.afrasiabank.com 1 redirects xtramiles.afrasiabank.com
19 1
Subject Issuer Validity Valid
xtramiles.afrasiabank.com
Entrust Certification Authority - L1K		 2021-01-05 -
2022-01-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Frame ID: 1B701DB5E6B31AF7B2BF683DE448BE5F
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome To XtraMilesUntitled Document

Page URL History Show full URLs

  1. https://xtramiles.afrasiabank.com/ HTTP 302
    https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

965 kB
Transfer

1257 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xtramiles.afrasiabank.com/ HTTP 302
    https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Afrasia
xtramiles.afrasiabank.com/rewards/phoenix/
Redirect Chain
  • https://xtramiles.afrasiabank.com/
  • https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
78 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
a0dd2b0cec5cf8931254fde92344ee513d9b1669efe6648b25894779b3ef41cc
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 12 Nov 2021 11:35:27 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=600
X-FRAME-OPTIONS
SAMEORIGIN
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Date
Fri, 12 Nov 2021 11:35:27 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=600
Location
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Content-Length
241
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
normalize.css
xtramiles.afrasiabank.com/rewards/theme/phoenix/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/css/normalize.css?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
b486d6a6e3ffd5cae6a7ebb5fb3fb2c729ec5674d57458aec5945440b4ec8593
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 17:47:54 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"1982-1630604874000"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=28800
Date
Fri, 12 Nov 2021 11:35:27 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1179
Expires
Fri, 12 Nov 2021 19:35:27 GMT
foundation.ltr.min.css
xtramiles.afrasiabank.com/rewards/theme/phoenix/css/ 		173 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/css/foundation.ltr.min.css?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
285f8340efd5f2beceb9619188f88d65cc53fa271db4c8778a5ff9538f40ffad
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 17:47:40 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"177470-1630604860000"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
main.css
xtramiles.afrasiabank.com/rewards/theme/phoenix/css/ 		134 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/css/main.css?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
3377923959440a6b94a041bee2bb3c2bcf07475ca073db56db30d75e86839b3d
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 17:47:54 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"137674-1630604874000"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
ImageDisplayServlet
xtramiles.afrasiabank.com/rewards/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/ImageDisplayServlet?file=/apps_01/webapps/MRS/mcrewards_content/Programs/Afrasia/en_US/custom_css20180911.css
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
04a93714d86f4431bd0fd8c1ba4b4236ae33676f8656ce68d3aefbbd74518c60
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 06 Aug 2020 22:41:34 GMT
Date
Fri, 12 Nov 2021 11:35:27 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
10657
main.js
xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/ 		343 KB
345 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/main.js?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
d49a9972969fc48750b73c5f5323ef63cfd13459007a268ecdb6dc059cb202ce
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:28 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"350692-1630604908000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=68
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
xfs.js
xtramiles.afrasiabank.com/rewards/ 		47 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/xfs.js?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
cd9b90db39a0d7b05b811e443b997f97deeaf2b4b0fb7da7449bbe32ca46e81e
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:34 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"47-1630604914000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
ir.js
xtramiles.afrasiabank.com/rewards/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/ir.js?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
a1cf9d527e2a56458914d91afeb335b9c3a17846fb97c50f76b82309eeeac392
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:20 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"4901-1630604900000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
ajaxframework.js
xtramiles.afrasiabank.com/rewards/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/ajaxframework.js?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
adc1043cfb79ec6bf3428329c8b6f14b50e9733f1ed46dfbd354893b74d498d0
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:47:58 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"7991-1630604878000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:27 GMT
foundation.min.js
xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/foundation.min.js?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
2cb4a74745e7e47ce8fd783c3125d7604c77e35f7753aced8e15bea30ba76622
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:18 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"87715-1630604898000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Date
Fri, 12 Nov 2021 11:35:27 GMT
Expires
Fri, 12 Nov 2021 19:35:28 GMT
top_nav_program_logo20180905.png
xtramiles.afrasiabank.com/rewards/_images/Programs/Afrasia/en_US/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/_images/Programs/Afrasia/en_US/top_nav_program_logo20180905.png
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
add5d0a038f598c673470fa9901105e9e352675e76301f69dca96e686cbd9f26
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 22:41:34 GMT
Date
Fri, 12 Nov 2021 11:35:28 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
4076
recaptcha.js
xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/widget/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/widget/recaptcha.js
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
f17231613de7d657bdf210eb71b50bfe257ad35607813ba687b047a1ce5231d7
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:30 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"1891-1630604910000"
Vary
Accept-Encoding
P3P
CP="This policy is not implemented by this web site."
Access-Control-Allow-Origin
*
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=5, max=96
Date
Fri, 12 Nov 2021 11:35:28 GMT
Expires
Fri, 12 Nov 2021 19:35:28 GMT
print.css
xtramiles.afrasiabank.com/rewards/theme/phoenix/css/ 		7 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/css/print.css?20190601
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
c333e2a78812c077160688d3b0cde6f7155a0e2c945228c073ae73fcc0f7eecb
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 17:47:56 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"7129-1630604876000"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=28800
Date
Fri, 12 Nov 2021 11:35:29 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=67
Content-Length
2782
Expires
Fri, 12 Nov 2021 19:35:29 GMT
login_img_1_17035.jpg
xtramiles.afrasiabank.com/rewards/_images/ProgramContents/8527/en_US/ 		373 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/_images/ProgramContents/8527/en_US/login_img_1_17035.jpg
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
6c10e09d9f9f90b9d910faaa5b10e138e33e5760df3c776daf0352ab443f2377
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 23:49:19 GMT
Date
Fri, 12 Nov 2021 11:35:28 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/jpeg;charset=UTF-8
Cache-Control
public, max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=94
ImageDisplayServlet
xtramiles.afrasiabank.com/rewards/ 		262 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/ImageDisplayServlet?file=/apps_01/webapps/MRS/mcrewards_content/SocialMedia/FacebookIBQV2.png
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
029873c213750f2ceffdab1228ae4703784b6535303fcae9fb92763f45898794
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 23:48:57 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Fri, 12 Nov 2021 11:35:29 GMT
Vary
Accept-Encoding
Content-Type
image/png;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
262
ImageDisplayServlet
xtramiles.afrasiabank.com/rewards/ 		353 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/ImageDisplayServlet?file=/apps_01/webapps/MRS/mcrewards_content/SocialMedia/LinkedinIBQV2.png
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
94f876b3cc71cc7dca7d0c9720762d1c63c8efc176a336d5d80ed83fcfc02f8f
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 23:48:57 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Fri, 12 Nov 2021 11:35:29 GMT
Vary
Accept-Encoding
Content-Type
image/png;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
353
ImageDisplayServlet
xtramiles.afrasiabank.com/rewards/ 		462 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/ImageDisplayServlet?file=/apps_01/webapps/MRS/mcrewards_content/SocialMedia/InstagramIBQV2.png
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
94499a466f25d21109c2fe61f9ace44baa2698035f7ac5b413a075003b4d2efb
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 23:48:57 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Fri, 12 Nov 2021 11:35:29 GMT
Vary
Accept-Encoding
Content-Type
image/png;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
462
ImageDisplayServlet
xtramiles.afrasiabank.com/rewards/ 		360 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtramiles.afrasiabank.com/rewards/ImageDisplayServlet?file=/apps_01/webapps/MRS/mcrewards_content/SocialMedia/TwitterIBQV2.png
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
25aa88cc796561a9f68c0f35f44d83da37c286dff142349710bd653bc18cb730
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 06 Aug 2020 23:48:57 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Fri, 12 Nov 2021 11:35:29 GMT
Vary
Accept-Encoding
Content-Type
image/png;charset=UTF-8
Cache-Control
public, max-age=28800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=92
Content-Length
360
rem.min.js
xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtramiles.afrasiabank.com/rewards/theme/phoenix/javascripts/rem.min.js
Requested by
Host: xtramiles.afrasiabank.com
URL: https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.119.218.211 St Louis, United States, ASN26380 (MASTER-7-AS, US),
Reverse DNS
chaserewardsfordebit.com
Software
/
Resource Hash
f2dc482eddcc546c94c98cdbac6b4117c720d02f0b171580fd11f57397e22e3d
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xtramiles.afrasiabank.com/rewards/phoenix/Afrasia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=600
Last-Modified
Thu, 02 Sep 2021 17:48:32 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
ETag
W/"2344-1630604912000"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
Cache-Control
max-age=28800
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Date
Fri, 12 Nov 2021 11:35:28 GMT
Expires
Fri, 12 Nov 2021 19:35:28 GMT

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| global function| displayOverlay function| hideOverlay function| animateNumericValue function| prepareSkipToContentLink function| setCookie function| getCookie function| showNotif function| showPopups function| focusPopup function| disableSecondaryShippingOnLoad function| disableSecondaryShipping function| focusDelay function| focusProducts function| checkBrowser function| showLoader function| hideLoader undefined| pwd_visible_timeout undefined| pwd_cfm_visible_timeout function| showPassword function| showPasswordToConfirm function| showCurrentPassword function| hidePassword function| hidePasswordToConfirm function| hideCurrentPassword function| fancyBoxPostFocus function| disableScroll function| enableScroll object| Modernizr function| _ function| $ function| jQuery object| Backbone object| SURPREENDA object| classie function| SelectFx function| doSubmit function| doCatSubmit function| appendFormElement function| getCSRFToken function| doOpenURL function| doOpenExternalURL function| doGoToURL function| doOpenUrlWithSpeedBump function| addLoadEventHandler function| addEventHandler function| keepAsInteger function| keepAsCurrencyInteger function| parseCurrency function| formatCurrency function| makeInteger function| ignoreSpaces function| getUrlParam function| removeSelQues function| allowOnlyIntWitMaxLen function| convertToInt function| imposeMaxLength function| positionToolTip function| readTextWithPost function| readXmlWithPost function| readJsonWithPost function| postJsonWithSrc function| getObjParam function| getParam function| getParamValues function| attachActivityIndicator function| centerWithinElement function| attachIframeHack function| dimensions function| vIE function| pageWidth function| pageHeight function| posLeft function| posTop function| posRight function| posBottom object| Foundation function| changeLanguage function| changeLanguageMobile function| open_speed_bump function| doPromoOptIn function| ajaxCallBack10000 string| langSelAnalyticsEvent function| callLangSelectAnalyticsDirectRule function| doLoginEnterKey function| doAjaxCall9002 function| AjaxCallBack9002 function| enableReCaptcha function| enableReCaptchaForLogin function| disableLogin function| disableLoginWithUserId function| openLogin function| enableAcctLoginBtnAfterCaptchaSuccess function| enableUserIdLoginButtonAfterCaptchaSuccess function| openLoginCallBack function| alertDeny function| goToVerify function| openVerifyCallBack function| goToSecurityProfile function| openSecurityProfileCallBack function| goToAuthentication function| openAuthenticationCallBack function| goToForgetUserIdOtp function| goToForgotEmail function| openForgotEmailCallBack function| goToForgotPassword function| goToForgotUserId function| goBackToForgotPassword function| openForgotPasswordCallBack function| openForgotUserIdAuthCodeCallBack function| goToPreRegistration function| openPreRegistrationCallBack function| redirect undefined| widget_id boolean| isCaptchaValidated function| loadReCaptchaForLogin function| loadReCaptcha function| recaptchaCallback function| intRdptRecaptchaCallback function| resetGoogleIntRdptReCaptcha function| resetGoogleReCaptcha function| phoenix_enrollment_widget_loadGoogleCaptchaCallBackScript function| phoenix_intRdpt_loadGoogleCaptchaCallBackScript function| reCaptchaCSS function| doAjaxCall9078 function| AjaxCallBack9078 function| goDisclosure function| goToDisclosureFromForgotPassword function| doAjaxCall9078Init function| AjaxCallBack9078Init function| disclosureCancel object| verFields function| doVerificationSetFocus function| doVerificationEnterKey function| verifySubmitAnalyticsEvent function| verifyCancelAnalyticsEvent function| stopEvent function| doAjaxCall6 function| validateOtpRegistration function| AjaxCallBack6 function| doClearAll function| enableBtns function| validateOTPLength function| validateOtpLoginCallBack function| regenerateOtpForRegistration function| changeCountryCallingCode function| doAjaxCall5048 function| AjaxCallBack5048 function| doChallengeQuestionSetFocus function| doChallengeQuestionEnterKey function| challengeQuestionStopEvent function| validateOtpLogin function| regenerateOtpLogin function| allowNumericOnly function| enableOtpSmsCountryCode function| doCancelPopup function| AjaxCallBackCancel function| doSecurityProfileEnterKey function| doAjaxCall5043 function| AjaxCallBack5043 function| securityProfileAnalyticsEvent function| setFocus function| doForgotPasswordEnterKey function| doAjaxCall5034 function| AjaxCallBack5034 function| validateOtp function| validateOtpCallBack function| enableBtn function| regenerateOtp function| enableRecaptchaForgetEmail function| disableSubmit function| enableBtnAfterCaptchaSuccess function| enableReCaptchaForForgotPwd function| doAjaxCall10111 function| enableRecaptcha function| disableRegisterBtn function| enableRegisterBtnAfterCaptchaSuccess function| AjaxCallBack10111 function| AjaxCallBackWinClose10111 function| doCancelReg10111 function| refreshCaptcha10111 function| AjaxCallBackCaptcha10111 function| setIEAdaValues function| checkIEBrowser object| optN object| jQuery17109124962776414618 function| doPreEnrollmentSubmit function| AjaxCallBackPreEnroll function| openPreEnrollment function| doQuickRegistrationSubmit function| AjaxCallBackQuickRegistration function| AjaxCallBack9005 string| freeFormAnalyticsEvent2 function| OpenInformationalContent function| OpenInformationalContentWitGlobalId function| OpenTermsAndConditions function| AjaxInformationalContentCallBack function| showInactivityMessage function| showRewardSummaryNotification function| closeInactivityNotification function| closeRewardSummaryNotification function| closeInactivityNotificationCallBack function| closeRewardSmmryPopUpMessageCallBack function| notificationMsgForChrome function| mobileViewForNotifMsg function| doOpenPreEnrollVerification function| doPreEnrollVerifySubmit function| openCallBack function| AjaxCallBack9072 string| ir2827 boolean| noPopups

6 Cookies

Domain/Path Name / Value
xtramiles.afrasiabank.com/rewards Name: mrs_ir_server_JSESSIONID
Value: 743B658C53E751481DD08669F18633DB
xtramiles.afrasiabank.com/rewards Name: TS019773f1
Value: 01772feb4b60f0bdb1b4e6cf228c4a9e7a9ef0aaf3e40eb1585e9c6777a04404264233ab56b2b361586e5a90f64e155b1410dcc72b502a77fc164e6fd62ccf975ee568460f9a456b1b0ca31b91c3e5d5861ef5d953
xtramiles.afrasiabank.com/ Name: REWARDS_STICKY
Value: sticky.route0
xtramiles.afrasiabank.com/ Name: LB1SESSION
Value: !zk1vmh3Nb8sxXgqbDsRT1JBJgR7fkbLZZf3/9Xn8GdYlaRXBLwvgabFTM7/UD52gp/2EcpDnHAEIhg==
xtramiles.afrasiabank.com/ Name: TS01915c84
Value: 01772feb4bdffbf4aee9741f614bda79ae9d3bceb9e40eb1585e9c6777a04404264233ab56b2b361586e5a90f64e155b1410dcc72b46953034a936cbc826a0f39db809953cc5122bfc9943f3d9d228b9fa19842391
xtramiles.afrasiabank.com/ Name: IDCSESSION
Value: !wQRZ1AqqrVnf1YLgmOOWm1Oorucqm1T09xExnXe5QorkWJ86E+kAXtb1tmT/9nqhhASXVrMIFFnljb8=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN